Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b7187a54 by Moritz Muehlenhoff at 2026-06-21T20:15:19+02:00
trixie triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -609,7 +609,13 @@ CVE-2026-46699 (conda-smithy is a tool for combining a
conda recipe with configu
NOT-FOR-US: conda-smithy
CVE-2026-45696 (OpenEXR is the reference implementation and specification for
the EXR ...)
- openexr <unfixed>
+ [trixie] - openexr <not-affected> (Vulnerable code not present)
+ [bookworm] - openexr <not-affected> (Vulnerable code not present)
+ [bullseye] - openexr <not-affected> (Vulnerable code not present)
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-gjpj-qv64-vwhf
+ NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/2397
+ NOTE: Introduced by
https://github.com/AcademySoftwareFoundation/openexr/commit/50ba96b1dbe353a98a626c7fd0ff1e50cc8c188f
(v3.4-alpha)
+ NOTE: Fixed by: by
https://github.com/AcademySoftwareFoundation/openexr/commit/c7af2d233b7b2a4452c11f26cf47584cc2b35721
(v3.4.13-rc)
CVE-2026-44663 (OpenEXR is the reference implementation and specification for
the EXR ...)
- openexr <unfixed>
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-777r-f9x8-7r84
@@ -818,6 +824,7 @@ CVE-2026-46580 (In Eclipse Theia versions prior to 1.71.0,
files matching the pa
NOT-FOR-US: Eclipse
CVE-2026-44942 (A path traversal in handling the "path" component of .repo
files proce ...)
- libzypp 17.38.13-1
+ [trixie] - libzypp <no-dsa> (Minor issue)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1267874
CVE-2026-44691 (In Eclipse Theia versions prior to 1.69.0, custom task
definitions in ...)
NOT-FOR-US: Eclipse
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b7187a54d85318bef9d310fd7cd2c1416ea3ac87
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b7187a54d85318bef9d310fd7cd2c1416ea3ac87
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits